mirror of
https://github.com/corda/corda.git
synced 2024-12-18 20:47:57 +00:00
0091807c2f
The various crypto tests that were previously ignored have been re-enabled. The abandoned i2p EdDSA library has been replaced with native support that was added in Java 15. Java 17 (via the `SunEC` provider) does not support the secp256k1 curve (one of the two ECDSA curves supported in Corda). This would not normally have been an issue as secp256k1 is already taken care of by Bouncy Castle. However, this only works if the `Crypto` API is used or if `”BC”` is explicitly specified as the provider (e.g. `Signature.getInstance(“SHA256withECDSA”, “BC”)`). If no provider is specified, which is what is more common, and actually what the Java docs recommend, then this doesn’t work as the `SunEC` provider is selected. To resolve this, a custom provider was created, installed just in front of `SunEC`, which “augments” `SunEC` by delegating to Bouncy Castle if keys or parameters for secp256k1 are encountered. `X509Utilities.createCertificate` now calls `X509Certificate.verify()` to verify the created certificate, rather than using the Bouncy Castle API. This is more representative of how certificates will be verified (e.g. during SSL handshake) and weeds out other issues (such as unsupported curve error for secp256k1). `BCCryptoService` has been renamed to `DefaultCryptoService` as it no longer explicitly uses Bouncy Castle but rather uses the installed security providers. This was done to fix a failing test. Further, `BCCryptoService` was already relying on the installed providers in some places. The hack to get Corda `SecureRandom` working was also resolved. Also, as an added bonus, tests which ignored `SPHINCS256_SHA256` have been reinstated. Note, there is a slightly inconsistency between how EdDSA and ECDSA keys are handled (and also RSA). For the later, Bouncy Castle is preferred, and methods such as `toSupportedKey*` will convert any JDK class to Bouncy Castle. For EdDSA the preference is the JDK (`SunEC`). However, this is simply a continuation of the previous preference of the i2p library over Bouncy Castle.
310 lines
14 KiB
Groovy
310 lines
14 KiB
Groovy
plugins {
|
|
id 'com.google.cloud.tools.jib' version '0.9.4'
|
|
}
|
|
|
|
apply plugin: 'org.jetbrains.kotlin.jvm'
|
|
// Java Persistence API support: create no-arg constructor
|
|
// see: http://stackoverflow.com/questions/32038177/kotlin-with-jpa-default-constructor-hell
|
|
apply plugin: 'org.jetbrains.kotlin.plugin.jpa'
|
|
apply plugin: 'net.corda.plugins.quasar-utils'
|
|
apply plugin: 'corda.common-publishing'
|
|
|
|
description 'Corda node modules'
|
|
|
|
ext {
|
|
Properties constants = new Properties()
|
|
file("$rootDir/constants.properties").withInputStream { constants.load(it) }
|
|
|
|
jolokia_version = constants.getProperty('jolokiaAgentVersion')
|
|
}
|
|
|
|
//noinspection GroovyAssignabilityCheck
|
|
configurations {
|
|
integrationTestImplementation.extendsFrom testImplementation
|
|
integrationTestRuntimeOnly.extendsFrom testRuntimeOnly
|
|
|
|
slowIntegrationTestImplementation.extendsFrom testImplementation
|
|
slowIntegrationTestRuntimeOnly.extendsFrom testRuntimeOnly
|
|
|
|
corda4_11
|
|
}
|
|
|
|
sourceSets {
|
|
integrationTest {
|
|
kotlin {
|
|
compileClasspath += main.output + test.output
|
|
runtimeClasspath += main.output + test.output
|
|
srcDir file('src/integration-test/kotlin')
|
|
}
|
|
java {
|
|
compileClasspath += main.output + test.output
|
|
runtimeClasspath += main.output + test.output
|
|
srcDir file('src/integration-test/java')
|
|
}
|
|
resources {
|
|
srcDir file('src/integration-test/resources')
|
|
}
|
|
}
|
|
slowIntegrationTest {
|
|
kotlin {
|
|
compileClasspath += main.output + test.output
|
|
runtimeClasspath += main.output + test.output
|
|
srcDir file('src/integration-test-slow/kotlin')
|
|
}
|
|
java {
|
|
compileClasspath += main.output + test.output
|
|
runtimeClasspath += main.output + test.output
|
|
srcDir file('src/integration-test-slow/java')
|
|
}
|
|
resources {
|
|
srcDir file('src/integration-test-slow/resources')
|
|
}
|
|
}
|
|
}
|
|
|
|
jib.container {
|
|
mainClass = "net.corda.node.Corda"
|
|
args = ['--log-to-console', '--no-local-shell', '--config-file=/config/node.conf']
|
|
// The Groovy string needs to be converted to a `java.lang.String` below.
|
|
jvmFlags = ['-Xmx1g', "-javaagent:/app/libs/quasar-core-${quasar_version}.jar".toString()]
|
|
}
|
|
|
|
// Use manual resource copying of log4j2.xml rather than source sets.
|
|
// This prevents problems in IntelliJ with regard to duplicate source roots.
|
|
processResources {
|
|
from file("$rootDir/config/dev/log4j2.xml")
|
|
from file("$rootDir/config/dev/jolokia-access.xml")
|
|
from(tasks.getByPath(":verifier:shadowJar")) {
|
|
into("net/corda/node/verification")
|
|
rename { "external-verifier.jar" }
|
|
}
|
|
}
|
|
|
|
processTestResources {
|
|
from file("$rootDir/config/test/jolokia-access.xml")
|
|
from(tasks.getByPath(":finance:contracts:jar")) {
|
|
rename 'corda-finance-contracts-.*.jar', 'corda-finance-contracts.jar'
|
|
}
|
|
from(tasks.getByPath(":finance:workflows:jar")) {
|
|
rename 'corda-finance-workflows-.*.jar', 'corda-finance-workflows.jar'
|
|
}
|
|
from(tasks.getByPath(":testing:cordapps:cashobservers:jar")) {
|
|
rename 'testing-cashobservers-cordapp-.*.jar', 'testing-cashobservers-cordapp.jar'
|
|
}
|
|
from(configurations.corda4_11)
|
|
}
|
|
|
|
// To find potential version conflicts, run "gradle htmlDependencyReport" and then look in
|
|
// build/reports/project/dependencies/index.html for green highlighted parts of the tree.
|
|
|
|
dependencies {
|
|
implementation project(':core')
|
|
implementation project(':node-api')
|
|
implementation project(':client:rpc')
|
|
implementation project(':client:jackson')
|
|
implementation project(':tools:cliutils')
|
|
implementation project(':common-validation')
|
|
implementation project(':common-configuration-parsing')
|
|
implementation project(':common-logging')
|
|
implementation project(':serialization')
|
|
// Backwards compatibility goo: Apps expect confidential-identities to be loaded by default.
|
|
// We could eventually gate this on a target-version check.
|
|
implementation project(':confidential-identities')
|
|
implementation "io.opentelemetry:opentelemetry-api:${open_telemetry_version}"
|
|
// Log4J: logging framework (with SLF4J bindings)
|
|
implementation "org.apache.logging.log4j:log4j-slf4j-impl:${log4j_version}"
|
|
implementation "org.apache.logging.log4j:log4j-web:${log4j_version}"
|
|
implementation "org.slf4j:jul-to-slf4j:$slf4j_version"
|
|
implementation "org.jetbrains.kotlin:kotlin-reflect:$kotlin_version"
|
|
implementation "org.fusesource.jansi:jansi:$jansi_version"
|
|
implementation "com.google.guava:guava:$guava_version"
|
|
implementation "commons-io:commons-io:$commons_io_version"
|
|
// For caches rather than guava
|
|
implementation "com.github.ben-manes.caffeine:caffeine:$caffeine_version"
|
|
// For async logging
|
|
implementation "com.lmax:disruptor:$disruptor_version"
|
|
// Artemis: for reliable p2p message queues.
|
|
// TODO: remove the forced update of commons-collections and beanutils when artemis updates them
|
|
implementation "org.apache.commons:commons-collections4:${commons_collections_version}"
|
|
implementation "commons-beanutils:commons-beanutils:${beanutils_version}"
|
|
implementation("org.apache.activemq:artemis-server:${artemis_version}") {
|
|
exclude group: 'org.apache.commons', module: 'commons-dbcp2'
|
|
exclude group: 'org.jgroups', module: 'jgroups'
|
|
}
|
|
implementation("org.apache.activemq:artemis-core-client:${artemis_version}") {
|
|
exclude group: 'org.jgroups', module: 'jgroups'
|
|
}
|
|
// Bouncy castle support needed for X509 certificate manipulation
|
|
implementation "org.bouncycastle:bcprov-jdk18on:${bouncycastle_version}"
|
|
implementation "org.bouncycastle:bcpkix-jdk18on:${bouncycastle_version}"
|
|
implementation "com.esotericsoftware:kryo:$kryo_version"
|
|
implementation "com.fasterxml.jackson.core:jackson-annotations:${jackson_version}"
|
|
implementation "com.fasterxml.jackson.core:jackson-databind:$jackson_version"
|
|
// Manifests: for reading stuff from the manifest file
|
|
implementation "com.jcabi:jcabi-manifests:$jcabi_manifests_version"
|
|
// Coda Hale's Metrics: for monitoring of key statistics
|
|
implementation "io.dropwizard.metrics:metrics-jmx:$metrics_version"
|
|
implementation "io.github.classgraph:classgraph:$class_graph_version"
|
|
implementation "org.liquibase:liquibase-core:$liquibase_version"
|
|
// TypeSafe Config: for simple and human friendly config files.
|
|
implementation "com.typesafe:config:$typesafe_config_version"
|
|
implementation "io.reactivex:rxjava:$rxjava_version"
|
|
implementation("org.apache.activemq:artemis-amqp-protocol:${artemis_version}") {
|
|
// Gains our proton-j version from core module.
|
|
exclude group: 'org.apache.qpid', module: 'proton-j'
|
|
exclude group: 'org.jgroups', module: 'jgroups'
|
|
}
|
|
// For H2 database support in persistence
|
|
implementation "com.h2database:h2:$h2_version"
|
|
// SQL connection pooling library
|
|
implementation "com.zaxxer:HikariCP:${hikari_version}"
|
|
// Hibernate: an object relational mapper for writing state objects to the database automatically.
|
|
implementation "org.hibernate:hibernate-core:$hibernate_version"
|
|
implementation "org.hibernate:hibernate-java8:$hibernate_version"
|
|
// OkHTTP: Simple HTTP library.
|
|
implementation "com.squareup.okhttp3:okhttp:$okhttp_version"
|
|
// Apache Shiro: authentication, authorization and session management.
|
|
implementation "org.apache.shiro:shiro-core:${shiro_version}"
|
|
//Picocli for command line interface
|
|
implementation "info.picocli:picocli:$picocli_version"
|
|
// BFT-Smart dependencies
|
|
implementation 'com.github.bft-smart:library:master-v1.1-beta-g6215ec8-87'
|
|
// Java Atomix: RAFT library
|
|
implementation 'io.atomix.copycat:copycat-client:1.2.3'
|
|
implementation 'io.atomix.copycat:copycat-server:1.2.3'
|
|
implementation 'io.atomix.catalyst:catalyst-netty:1.1.2'
|
|
// Jolokia JVM monitoring agent, required to push logs through slf4j
|
|
implementation "org.jolokia:jolokia-jvm:${jolokia_version}:agent"
|
|
// Optional New Relic JVM reporter, used to push metrics to the configured account associated with a newrelic.yml configuration. See https://mvnrepository.com/artifact/com.palominolabs.metrics/metrics-new-relic
|
|
implementation "com.palominolabs.metrics:metrics-new-relic:${metrics_new_relic_version}"
|
|
// Adding native SSL library to allow using native SSL with Artemis and AMQP
|
|
implementation "io.netty:netty-tcnative-boringssl-static:$tcnative_version"
|
|
implementation 'org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.8.0'
|
|
|
|
testImplementation(project(':test-cli'))
|
|
testImplementation(project(':test-utils'))
|
|
// Unit testing helpers.
|
|
testImplementation project(':node-driver')
|
|
testImplementation project(':core-test-utils')
|
|
testImplementation project(':test-utils')
|
|
testImplementation project(':client:jfx')
|
|
testImplementation project(':finance:contracts')
|
|
testImplementation project(':finance:workflows')
|
|
// sample test schemas
|
|
testImplementation project(path: ':finance:contracts', configuration: 'testArtifacts')
|
|
testImplementation project(':testing:cordapps:dbfailure:dbfworkflows')
|
|
testImplementation "org.assertj:assertj-core:${assertj_version}"
|
|
testImplementation "org.jetbrains.kotlin:kotlin-test:$kotlin_version"
|
|
testImplementation "org.junit.jupiter:junit-jupiter-api:${junit_jupiter_version}"
|
|
testImplementation "junit:junit:$junit_version"
|
|
// Jetty dependencies for NetworkMapClient test.
|
|
// Web stuff: for HTTP[S] servlets
|
|
testImplementation "org.hamcrest:hamcrest-library:2.1"
|
|
testImplementation "org.eclipse.jetty:jetty-servlet:${jetty_version}"
|
|
testImplementation "org.eclipse.jetty:jetty-webapp:${jetty_version}"
|
|
testImplementation "javax.servlet:javax.servlet-api:${servlet_version}"
|
|
testImplementation "org.mockito.kotlin:mockito-kotlin:$mockito_kotlin_version"
|
|
testImplementation "com.google.jimfs:jimfs:1.1"
|
|
testImplementation "co.paralleluniverse:quasar-core:$quasar_version"
|
|
testImplementation "com.natpryce:hamkrest:$hamkrest_version"
|
|
// Jersey for JAX-RS implementation for use in Jetty
|
|
testImplementation "org.glassfish.jersey.core:jersey-server:${jersey_version}"
|
|
testImplementation "org.glassfish.jersey.containers:jersey-container-servlet-core:${jersey_version}"
|
|
testImplementation "org.glassfish.jersey.containers:jersey-container-jetty-http:${jersey_version}"
|
|
|
|
testRuntimeOnly "org.junit.vintage:junit-vintage-engine:${junit_vintage_version}"
|
|
testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine:${junit_jupiter_version}"
|
|
testRuntimeOnly "org.junit.platform:junit-platform-launcher:${junit_platform_version}"
|
|
|
|
integrationTestImplementation project(":testing:cordapps:dbfailure:dbfcontracts")
|
|
integrationTestImplementation project(":testing:cordapps:missingmigration")
|
|
// Integration test helpers
|
|
integrationTestImplementation "de.javakaffee:kryo-serializers:$kryo_serializer_version"
|
|
integrationTestImplementation "junit:junit:$junit_version"
|
|
integrationTestImplementation "org.assertj:assertj-core:${assertj_version}"
|
|
integrationTestImplementation "org.apache.qpid:qpid-jms-client:${protonj_version}"
|
|
|
|
// used by FinalityFlowErrorHandlingTest
|
|
slowIntegrationTestImplementation project(':testing:cordapps:cashobservers')
|
|
// Byteman for runtime (termination) rules injection on the running node
|
|
// Submission tool allowing to install rules on running nodes
|
|
slowIntegrationTestImplementation "org.jboss.byteman:byteman-submit:4.0.22"
|
|
// The actual Byteman agent which should only be in the classpath of the out of process nodes
|
|
slowIntegrationTestImplementation "org.jboss.byteman:byteman:4.0.22"
|
|
|
|
corda4_11 "net.corda:corda-finance-contracts:4.11"
|
|
}
|
|
|
|
tasks.withType(JavaCompile).configureEach {
|
|
// Resolves a Gradle warning about not scanning for pre-processors.
|
|
options.compilerArgs << '-proc:none'
|
|
}
|
|
|
|
tasks.withType(Test).configureEach {
|
|
jvmArgs '-Djdk.attach.allowAttachSelf=true'
|
|
}
|
|
|
|
tasks.register('integrationTest', Test) {
|
|
testClassesDirs = sourceSets.integrationTest.output.classesDirs
|
|
classpath = sourceSets.integrationTest.runtimeClasspath
|
|
maxParallelForks = (System.env.CORDA_NODE_INT_TESTING_FORKS == null) ? 1 : "$System.env.CORDA_NODE_INT_TESTING_FORKS".toInteger()
|
|
// CertificateRevocationListNodeTests
|
|
systemProperty 'net.corda.dpcrl.connect.timeout', '4000'
|
|
}
|
|
|
|
tasks.register('slowIntegrationTest', Test) {
|
|
testClassesDirs = sourceSets.slowIntegrationTest.output.classesDirs
|
|
classpath = sourceSets.slowIntegrationTest.runtimeClasspath
|
|
maxParallelForks = 1
|
|
}
|
|
|
|
// quasar exclusions upon agent code instrumentation at run-time
|
|
quasar {
|
|
excludeClassLoaders.addAll(
|
|
'net.corda.core.serialization.internal.**'
|
|
)
|
|
excludePackages.addAll(
|
|
"antlr**",
|
|
"com.codahale**",
|
|
"com.fasterxml.**",
|
|
"com.github.benmanes.caffeine.**",
|
|
"com.google.**",
|
|
"com.lmax.**",
|
|
"com.zaxxer.**",
|
|
"net.bytebuddy**",
|
|
"io.github.classgraph**",
|
|
"io.netty*",
|
|
"liquibase**",
|
|
"nonapi.io.github.classgraph.**",
|
|
"org.apiguardian.**",
|
|
"org.bouncycastle**",
|
|
"org.codehaus.**",
|
|
"org.h2**",
|
|
"org.hibernate**",
|
|
"org.jboss.**",
|
|
"org.objenesis**",
|
|
"org.w3c.**",
|
|
"org.xml**",
|
|
"org.yaml**",
|
|
"rx**",
|
|
"io.opentelemetry.**")
|
|
}
|
|
|
|
jar {
|
|
baseName 'corda-node'
|
|
}
|
|
|
|
tasks.named('test', Test) {
|
|
maxHeapSize = "3g"
|
|
maxParallelForks = (System.env.CORDA_NODE_TESTING_FORKS == null) ? 1 : "$System.env.CORDA_NODE_TESTING_FORKS".toInteger()
|
|
}
|
|
|
|
publishing {
|
|
publications {
|
|
maven(MavenPublication) {
|
|
artifactId jar.baseName
|
|
from components.java
|
|
}
|
|
}
|
|
}
|